<?php
/**
 * 前台ajax验证
 */
define ( 'IN_templates', "default" );
include (dirname(__FILE__)."/../includes/init.php");//全局变量

//动作
$act=trim(isset($_POST['act'])?$_POST['act']:"");
//提示消息
$msg="";
//是否执行操作
$msgsuccess="0";//0表示不执行  1表示执行

switch ($act){
	
	case "captcha"://验证验证码
		$get_randcode=trim(empty($_POST['captcha'])?"":$fun->checkInput($_POST['captcha']));
		if(strcasecmp($get_randcode,@$_SESSION['randcode'])<>0){
			$msg='{"root":[{"status":"false","Description":"验证码错误"}]}';
		}else{
			$msg='{"root":[{"status":"true","Description":"验证码正确"}]}';
		}
		
		break;
		
	case "send_mail"://发送邮件 找回密码
		//注册邮箱
		$foget_password_email=!empty($_POST['email'])?$fun->checkInput(trim($_POST['email'])):"";
		//验证码
		$foget_password_icode=!empty($_POST['captcha'])?trim($_POST['captcha']):"";
		if((empty($foget_password_email))||($foget_password_icode == "")){
			$msg='{"root":[{"status":"false","Description":"请您认真填写邮箱或验证码信息"}]}';
		}else{
		
			if(strcasecmp($foget_password_icode,@$_SESSION['randcode'])<>0){
				$msg='{"root":[{"status":"false","Description":"您输入的验证码错误"}]}';
			}else{
		
				$check_email=$db->get_one("SELECT `uid`, `status`, `uname`,`email` FROM `".$tbprefix."user` WHERE `email`='".$foget_password_email."'  AND `is_valid`='1' AND 1");
				if($check_email['uid']){
					if($check_email['status']==1){
						$randpwd=rand(1000000,99999999);//随机数
						$resetNewPwd=isset($randpwd)?trim($randpwd):$pwdresetting;
						$pwd_md5=$resetNewPwd.$pwdconstant;
		
						$send_content="亲爱的".$check_email['uname'].":<br/>您于".$m_now_date."重置了您的登录密码,您重置的临时密码是“".$resetNewPwd."” 请您登录后立即修改。
								<br/>您可以点击地址<a href='".$cfg['webURL']."' target='_blank'>".$cfg['webURL']."</a>登录。(如果无法点击，可以直接复制，然后粘贴到浏览器的地址栏里)
								<br/><br/>您收到这封电子邮件是因为您(也可能是某人冒充您的名义)重置了一个新的密码。假如这不是您本人所操作,请不用理会这封电子邮件,但是如果您持续收到这类信件的骚扰,请您尽快联络管理员
								<br/>来自&nbsp;".$cfg['sysNames']."
								<br/>此为系统邮件,请勿回复";
						
						$sendMail=$fun->send_email($email_config,$sendemail=$check_email['email'],$sendname=$check_email['uname'],$formname=$cfg['webName']."会员登录密码重置",$subject="您在《".$cfg['webName']."》重置密码成功",$content=$send_content);
						
						if($sendMail['status']=="true"){
							$dataArray['changetime']=$m_now_time;
							$dataArray['password']=md5($pwd_md5);
							$update_pwd=$db->update($table="`".$tbprefix."user`",$dataArray,$condition="`uid`='".$check_email['uid']."' AND 1");
							if($update_pwd==true){
								$msg='{"root":[{"status":"true","Description":"邮件发送成功,请注意查收"}]}';
							}else{
								$msg='{"root":[{"status":"false","Description":"邮件发送失败,请重新尝试"}]}';
							}
						}else{
							$msg='{"root":[{"status":"false","Description":"邮件发送失败,请重新尝试"}]}';
						}
					}else{
						$msg='{"root":[{"status":"false","Description":"您的用户名出现异常,我们已经对您的用户名做出冻结处理,您无法找回密码"}]}';
					}
		
				}else{
					$msg='{"root":[{"status":"false","Description":"未注册的邮箱,您无法找回密码"}]}';
				}
			}
		}
		
		break;
	case "check_user"://验证注册的用户名
		$login_user=!empty($_POST['user_name'])?$fun->checkInput(trim($_POST['user_name'])):"";
		$fromid=!empty($_POST['fromid'])?$fun->checkInput(trim($_POST['fromid'])):"1";
		$justice=$db->get_one("SELECT `uid`, `status` FROM `".$tbprefix."user` WHERE `uname`='".$login_user."' AND `is_valid`='1' AND 1");
		if($fromid==1){
			//登录验证
			if($justice['uid']){
				if($justice['status']==1){
					$msg='{"root":[{"status":"true","Description":"用户名正确"}]}';
				}else{
					$msg='{"root":[{"status":"false","Description":"用户名出现异常,已冻结"}]}';
				}
			
			}else{
				$msg='{"root":[{"status":"false","Description":"未注册的用户名"}]}';
			}
		}else{
			//注册验证
			if($justice['uid']){
				$msg='{"root":[{"status":"false","Description":"已经注册"}]}';	
			}else{
				$msg='{"root":[{"status":"true","Description":"可以使用"}]}';
			}
		}
		
		
		break;
	case "check_password"://验证密码是否正确
		$login_user=!empty($_POST['user_name'])?$fun->checkInput(trim($_POST['user_name'])):"";
		$login_pwd=md5((!empty($_POST['password'])?trim($_POST['password']):"").$pwdconstant);
		
		if(($login_user== "")){
			$msg='{"root":[{"status":"false","Description":"请输入用户名"}]}';
		}else{
			$justice=$db->get_one("SELECT `uid`, `uname`,`status` FROM `".$tbprefix."user` WHERE `uname`='".$login_user."' AND `password`='".$login_pwd."' AND `is_valid`='1' AND 1");
		
			if($justice['uid']){
				if($justice['status']==1){
					$msg='{"root":[{"status":"true","Description":"密码正确"}]}';
				}else{
					$msg='{"root":[{"status":"false","Description":"用户名出现异常,已冻结"}]}';
				}
			
			}else{
				$msg='{"root":[{"status":"false","Description":"密码错误"}]}';
			}
		}
		
		break;
		
	case "check_email":
		//注册邮箱
		$get_email=!empty($_POST['email'])?$fun->checkInput(trim($_POST['email'])):"";
		$fromid=!empty($_POST['fromid'])?$fun->checkInput(trim($_POST['fromid'])):"1";
		$check_email=$db->get_one("SELECT `uid`, `status`, `uname` FROM `".$tbprefix."user` WHERE `email`='".$get_email."' AND `is_valid`='1' AND 1");
		
		if($fromid==1){
			//找回密码验证
			if($check_email['uid']){
				if($check_email['status']==1){
					$msg='{"root":[{"status":"true","Description":"邮箱正确"}]}';
				}else{
					$msg='{"root":[{"status":"false","Description":"您的用户名出现异常,我们已经对您的用户名做出冻结处理,您无法找回密码"}]}';
				}
			
			}else{
				$msg='{"root":[{"status":"false","Description":"未注册的邮箱"}]}';
			}
		}else{
			//注册验证
			if($check_email['uid']){
				$msg='{"root":[{"status":"false","Description":"已经注册"}]}';	
			}else{
				$msg='{"root":[{"status":"true","Description":"可以使用"}]}';
			}
		}
		
		break;

	case "":
		$msg="ErrorPage";
		break;

	default:
		$msg='{"root":[{"status":"false","Description":"操作失败"}]}';
		break;
}

echo $msg;

?>